11. Digital signature
A digital signature is an extra piece of data attached to a message that proves who sent it and that it has not been tampered with. In the usual construction, the sender first hashes the message with a hash algorithm, then applies the private-key operation to the hash value (for RSA this is often described as "encrypting" the hash) to obtain the signature, and sends the message together with the signature. The receiver applies the sender's public key to the signature to recover the hash value, recomputes the hash of the received message with the same hash algorithm, and compares the two. If they match, the message was signed by the holder of the private key and has not been modified; if they differ, either the message was altered in transit or it did not come from the claimed sender.
12. Bitcoin privacy model
The traditional privacy model gives transaction participants a degree of privacy because the trusted third party does not hand out their personally identifiable information. The public can see that someone sent a certain amount to someone else, but it is hard to link the transaction to a specific identity, and the public cannot tell who the parties are. This resembles the data published by a stock exchange: the time and volume of every trade is recorded and available for inquiry, but the identities of the two parties are not disclosed. In reality, however, the personal information of both parties is held by the third-party organization, so the participants' privacy still depends on that party and can to some extent be exposed.
In Bitcoin's privacy model (see Figure 2-8), transactions need neither a third party nor any identity information: a Bitcoin address is enough to complete a quasi-anonymous transaction with anyone. To a certain extent transactions cannot be traced back to the person behind them, which is also why Bitcoin transactions escape regulation to some degree. However, by correlating the addresses and amounts of transactions recorded on the blockchain, clues about the trader can still be obtained. Bitcoin is therefore not a purely anonymous transaction mechanism but a pseudonymous one.
2.1.2 Framework and features
1. Introduction to the framework
At present most blockchain technologies resemble Bitcoin, and most are built on the Bitcoin architecture. Blockchain technology has attracted wide attention in the financial industry and is considered a candidate for rebuilding the IT infrastructure of traditional finance from the bottom up. We describe the blockchain infrastructure in three layers.
First, at the network layer, the blockchain is a distributed system built on the IP protocol suite and a peer-to-peer network. Unlike a traditional distributed system with a central server that forwards messages, it relies on no central node: every node takes part in forwarding. A P2P network is therefore more resilient than a client/server network. An attack on any single node does not affect the network as a whole, because every node maintains the state of the entire system.
Second, at the data layer, the blockchain is an append-only distributed database, that is, a distributed ledger. On a public blockchain (a public chain), anyone anywhere can query this ledger; it is completely transparent. Nodes in a blockchain network run a consensus algorithm to keep the ledger consistent across the network, while cryptographic signatures and hash algorithms keep the ledger tamper-evident, unforgeable and traceable. In the Bitcoin system, for example, reorganizing the blockchain to alter ledger entries is only feasible for a party controlling a majority of the network's hash power (the 51% attack). As the designer of Bitcoin, Nakamoto added an economically incentivized proof-of-work (PoW) mining mechanism, so that even a party holding more than 51% of the hash power would be harming the value of its own investment by attacking the network. Bitcoin has run continuously since its launch (more than seven years at the time of writing) without a security failure attributed to a defect in its protocol design; bugs in client implementations are a separate matter.
Third, at the application layer, a blockchain can replace traditional registration and clearing systems. On June 22, 2016, the Boston Consulting Group stated that global payment business revenue is expected to reach $807 billion by 2030. Exchange and payment based on blockchain technology belong to the "1.0" generation of blockchain applications, and their security, transaction time and cost are expected to disrupt traditional payment services. Citibank likewise stated that if major financial institutions adopt blockchain technology, they could save more than $20 billion annually by 2020. An analysis report by Guoxin Securities pointed out that the blockchain's peer-to-peer distributed timestamp server, which produces electronic transaction records ordered by time, solves the double-spending problem and opens the possibility of settlement costs approaching zero. A German bank research report citing Boston Consulting found that IT spending accounts on average for 16% of European banks' overall operating costs [5]; an important reason is that the way traditional banks maintain ledgers and clear and settle payment transactions is overly complex and expensive to maintain.
Also at the application layer, the blockchain platform provides a programming environment in which users write smart contracts. Through smart contracts, business rules are translated into contracts that execute automatically on the blockchain platform. Execution is independent of any trusted third party and not subject to human intervention: in theory, once a contract is deployed it runs automatically as soon as its execution conditions are met. The results of execution can be checked publicly on the blockchain, which gives the contract fairness and transparency. Smart contracts can therefore reduce the intermediary costs involved in establishing, executing and arbitrating contracts, and they lay the foundation for programmable money, programmable finance and even a programmable society.
2. Architecture features
A blockchain has the following characteristics: decentralization, a reliable database, open-source programmability, collective maintenance, security and trustworthiness, and quasi-anonymous transactions. A system that lacks these features is not considered an application of blockchain technology.
(1) Decentralization
Blockchain data is stored, transmitted and verified on a distributed system architecture. The network as a whole does not depend on any central hardware or administrative organization. In the public chain, which is one deployment model of the blockchain, all participating nodes can have the same rights and obligations.
(2) Reliable database
The blockchain system's database uses distributed storage, and every participating node can hold a complete copy of it. Unless an attacker controls more than half of the computing power in the system, a modification made to the database on one node is invalid, because the other nodes reject it. The more nodes take part in the system, the more secure the database becomes. Because blockchain data is stored with timestamps, the data gains a time dimension and is highly traceable.
(3) Open source programmable
Blockchain systems are usually open source: the code is public, and on a highly transparent public chain the data and programs are open to everyone, who can query the system's data through its interfaces. The blockchain platform also provides a flexible scripting system that lets users create advanced smart contracts, currencies and decentralized applications. For example, the Ethereum platform provides a Turing-complete scripting language with which users can build any smart contract or transaction type that can be precisely defined. For more on Ethereum, see section 2.2.
(4) Collective maintenance
The data blocks in the system are maintained by all nodes with bookkeeping functions in the entire system. The damage or loss of any single node does not affect the operation of the system as a whole.
(5) Security and credibility
Blockchain technology signs transactions with asymmetric cryptography so that transactions cannot be forged, and uses hash algorithms so that transaction data cannot be altered unnoticed. Finally, a consensus algorithm based on the work performed by each node of the distributed system gives the network strong resistance to attackers, ensuring that the blocks in the chain and the transaction data within each block can be neither altered nor forged. The system therefore has very high security.
(6) Quasi-anonymity
A blockchain system uses an address derived from the user's public key as the user's identity. It does not need a digital certificate issued by a third-party Certificate Authority (CA) under a traditional Public Key Infrastructure (PKI) to confirm identity. By running a consensus algorithm across the nodes of the whole network, the honest nodes agree on the state of the entire network, and trust between nodes is established indirectly. Users only need to publish an address and never need to disclose their real identity; the same user can also keep changing addresses. Transactions on the blockchain are therefore tied to the user's address rather than to the user's true identity, which gives transactions their quasi-anonymity.
The core advantage of blockchain technology is decentralization. By combining hash algorithms, digital signatures, timestamps, distributed consensus and economic incentives, it enables peer-to-peer transactions and collaboration in a distributed system whose nodes need not trust each other, and offers a solution to the high cost, inefficiency and insecure data storage common to centralized organizations. In recent years, with research and application by institutions at home and abroad, the prospects of blockchain have been highly valued across industries. It is considered the fifth disruptive innovation in computing paradigms, after the mainframe, the personal computer, the Internet, and mobile/social networks, and the fourth milestone in the history of human credit, after kinship credit, precious-metal credit and central-bank note credit. It is regarded as the prototype of the next generation of cloud computing and is expected to reshape the form of human social activity, transforming today's Internet of information into an Internet of value.
2.1.3 Core Technology of Blockchain Operation
1. Linking the blocks
As the name suggests, a blockchain is a chain of blocks. Each block has two parts: the block header and the block body (which holds the transaction data). The block header contains the hash of the previous block (PrevHash), which implements the link between blocks, and a random number (nonce) used to meet the mining difficulty. The "hash of the previous block" is in fact the hash of the previous block's header, and the rules for finding the nonce determine which miner obtains the right to record the block.
2. Consensus mechanism
The blockchain was born with Bitcoin and is Bitcoin's basic technical architecture. It can be understood as an Internet-based decentralized accounting system. A decentralized digital currency such as Bitcoin needs a blockchain to keep the ledgers of all honest nodes consistent without a central node. The core of blockchain technology is therefore a consensus mechanism that lets parties with no basis for mutual trust agree on the legitimacy of transactions without central control.
There are four main types of blockchain consensus mechanism: PoW, PoS, DPoS, and distributed consistency algorithms.
(1)PoW
PoW (proof of work) is the mining mechanism used by Bitcoin. A miner packs transactions that have not yet been recorded on the chain into a block, then tries nonce values one after another until the hash of the new block (with that nonce included) satisfies a difficulty condition, for example that its first 10 bits are zero. Finding such a nonce amounts to determining the latest block of the blockchain, that is, to winning the bookkeeping right for this round. The miner broadcasts the block that meets the difficulty condition to the network; the other nodes verify that the block meets the difficulty condition and that the transaction data in it conforms to the protocol rules, and each node then appends the block to its own copy of the blockchain, so that the whole network reaches consensus on the current state.
Advantages: full decentralization, free entry and exit of nodes, and no cost of building and maintaining a centralized credit institution. As long as an attacker's hash power does not exceed 50% of the whole network's, the network can reach agreement on the state of transactions.
Disadvantages: Bitcoin mining currently wastes a great deal of resources. The mining incentive has also concentrated hash power in mining pools, which deviates from the original intention of decentralized design. A bigger problem is that PoW consensus takes a long time and Bitcoin can handle only about 7 transactions per second, which is unsuitable for commercial applications.
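The block-linking and proof-of-work rules described above, as an added example that is not the book's own code. It builds a minimal chain whose headers carry the fields named in the text (previous header hash, a root committing to the body, timestamp, difficulty and nonce); `mine_block` searches for a nonce whose header hash has the required number of leading zero bits, `validate_chain` is the check every receiving node performs, and the two tamper functions show why changing one block invalidates every block after it. The Merkle root is replaced by a plain SHA-256 over the transaction list for brevity, and all transaction strings are constructed sample data.

```python
import hashlib
import json

# Added example (not from the book): a toy proof-of-work chain.
# Difficulty is the number of leading zero bits the header hash must have,
# the same idea as "the first 10 bits are zero" in the text.

GENESIS_PREV = "0" * 64          # the first block has no predecessor


def hash_header(prev_hash: str, merkle_root: str, timestamp: int,
                difficulty_bits: int, nonce: int) -> str:
    """Hash of the serialized header; the next block's PrevHash is this value."""
    header = json.dumps([prev_hash, merkle_root, timestamp, difficulty_bits, nonce],
                        separators=(",", ":"))
    return hashlib.sha256(header.encode()).hexdigest()


def body_root(transactions) -> str:
    """Stand-in for the Merkle root: one hash binding the header to the body."""
    return hashlib.sha256(json.dumps(transactions).encode()).hexdigest()


def meets_target(block_hash: str, difficulty_bits: int) -> bool:
    """True when the hash, read as a 256-bit integer, starts with difficulty_bits zeros."""
    return int(block_hash, 16) >> (256 - difficulty_bits) == 0


def mine_block(prev_hash: str, transactions, difficulty_bits: int, timestamp: int) -> dict:
    """Proof of work: increment the nonce until the header hash meets the target."""
    root = body_root(transactions)
    nonce = 0
    while True:
        h = hash_header(prev_hash, root, timestamp, difficulty_bits, nonce)
        if meets_target(h, difficulty_bits):
            return {"prev_hash": prev_hash, "merkle_root": root, "timestamp": timestamp,
                    "difficulty_bits": difficulty_bits, "nonce": nonce,
                    "transactions": transactions, "hash": h}
        nonce += 1


def block_hash(block: dict) -> str:
    return hash_header(block["prev_hash"], block["merkle_root"], block["timestamp"],
                       block["difficulty_bits"], block["nonce"])


def validate_chain(chain) -> bool:
    """What a node does on receipt: check the link, the body/header binding and the PoW."""
    prev = GENESIS_PREV
    for block in chain:
        if block["prev_hash"] != prev:                        # broken link
            return False
        if block["merkle_root"] != body_root(block["transactions"]):   # edited body
            return False
        h = block_hash(block)
        if not meets_target(h, block["difficulty_bits"]):      # no valid proof of work
            return False
        prev = h
    return True


def build_chain(difficulty_bits: int = 16) -> list:
    """Constructed sample data: three blocks with placeholder transaction strings."""
    chain, prev = [], GENESIS_PREV
    for i, txs in enumerate((["coinbase->A 50"], ["A->B 10"], ["B->C 3"])):
        block = mine_block(prev, txs, difficulty_bits, 1_600_000_000 + i)
        chain.append(block)
        prev = block["hash"]
    return chain


def edit_without_remining(chain) -> bool:
    """Editing a transaction in block 1 breaks the header/body binding."""
    forged = list(chain)
    forged[1] = dict(chain[1], transactions=["A->B 1000"])
    return validate_chain(forged)


def remine_middle_block(chain) -> bool:
    """Re-mining block 1 alone is not enough: block 2 still links to the old hash,
    so an attacker must redo the proof of work of every later block too."""
    forged = list(chain)
    forged[1] = mine_block(chain[0]["hash"], ["A->B 1000"],
                           chain[1]["difficulty_bits"], chain[1]["timestamp"])
    return validate_chain(forged)


if __name__ == "__main__":
    chain = build_chain()
    print("valid chain:", validate_chain(chain))
    print("after editing block 1:", edit_without_remining(chain))
    print("after re-mining only block 1:", remine_middle_block(chain))
```

With 16 difficulty bits each block takes on the order of 65,000 hash attempts, which is enough to feel the asymmetry the text relies on: verification is one hash per block, while rewriting history costs the full search for every block from the edit onward.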
(2) PoS
Under PoS (proof of stake), a node must prove that it holds a certain amount of tokens in order to compete for the right to record the next block. If the bookkeeper were chosen purely by token balance, the largest holder would always win, centralizing the bookkeeping right and reducing the fairness of the consensus. Different PoS mechanisms therefore add randomness to the stake-based weighting in different ways to avoid centralization. In PeerCoin's PoS mechanism, for example, coins with the longest coin age have a higher chance of winning the bookkeeping right. NXT and Blackcoin use a formula to predict the next bookkeeping node, under which accounts holding more tokens are more likely to be selected. Ethereum also plans to switch from its current PoW mechanism to PoS. From the information available so far, Ethereum's PoS mechanism will have participants bet on the next block: those who bet on the block that wins receive extra Ether, those who bet on a losing block have Ether deducted, and in this way consensus on the next block is reached.
Advantages: the time to reach consensus is shortened to some extent, and the resource waste of the PoW mechanism is reduced.
Disadvantages: the cost of an attack on the network is lower, and the security of the network still needs to be proven. In addition, nodes holding large numbers of tokens have a higher chance of obtaining the bookkeeping right, so network consensus may be dominated by a few wealthy accounts and lose its fairness.
(3) DPoS
DPoS (delegated proof of stake) works much like a board of directors' vote. In the DPoS mechanism adopted by BitShares, shareholders vote to elect a fixed number of witnesses. Each witness is granted a two-second time slot in which to produce a block; if a witness fails to produce a block within its slot, the right passes to the witness assigned to the next slot. Shareholders can replace witnesses at any time by voting. This design makes block production faster and more energy efficient.
Advantages: the number of nodes participating in verification and bookkeeping is greatly reduced, so consensus can be reached and verified in seconds.
Disadvantages: electing a fixed number of witnesses as bookkeeping candidates may not suit fully decentralized scenarios, and in a network with few nodes the elected witnesses are not very representative.
(4) Distributed Consistency Algorithm
Distributed consistency algorithms are based on traditional distributed consensus techniques. They include Byzantine fault-tolerant algorithms such as PBFT, which solve the Byzantine Generals problem, and algorithms such as Paxos and Raft, which solve the non-Byzantine (crash-fault) case; these are covered in detail in the discussion of consensus algorithms in Chapter 5 of this book. Algorithms of this type are the common consensus mechanism in consortium chains and private chains.
Advantages: consensus in seconds while guaranteeing consistency.
Disadvantages: less decentralized than the consensus mechanisms of public chains; better suited to multi-party, multi-center business models.
3. Unlocking scripts
Scripts are an important technique for automatic verification and automatic contract execution on a blockchain. Strictly speaking, each output of a transaction does not point to an address but to a script. A script is a set of rules that govern how a receiver may spend the assets locked to that output.
Validation of a transaction also depends on scripts. Two kinds are used at present: locking scripts and unlocking scripts. The locking script is a condition attached to a transaction output, written in the scripting language and stored with the output. The unlocking script is its counterpart: only an unlocking script that satisfies the conditions of the locking script can spend the assets on that output. Many flexible conditions can be expressed in the scripting language. Scripts are interpreted by a "virtual machine", in the sense familiar from programming, which runs on every node of the blockchain network.
Two types of Bitcoin script are in common use. One is the ordinary P2PKH (Pay-to-Public-Key-Hash), which pays to the hash of a public key; the receiver only needs to sign the spending transaction with the private key corresponding to that address to spend the output. The other is P2SH (Pay-to-Script-Hash), which pays to the hash of a script. In the multi-signature case, for example, spending the output requires signatures from M of N private keys (M ≤ N), much like a real-world safe that needs several keys turned at the same time, or an agreement that takes effect only once several people have signed, except that here it is enforced automatically.
For example, in Bitcoin, the script rules for P2PKH are as follows:
Pubkey script: OP_DUP OP_HASH160 <PubKeyHash> OP_EQUALVERIFY OP_CHECKSIG
Signature script: <sig> <pubkey>
The script rules for P2SH are as follows:
Pubkey script: OP_HASH160 <Hash160(redeemScript)> OP_EQUAL
Signature script: <sig> [sig] [sig...] <redeemScript>
In these two script rules the Pubkey script is the locking script and the Signature script is the unlocking script. Words beginning with OP_ are script commands, the instructions the "virtual machine" can interpret. The commands differ from one kind of Pubkey script to another, and the Pubkey script also determines what the unlocking script must provide.
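The following is an added example, not code from the book or from Bitcoin Core. It ties the hash-then-sign flow of the digital signature description in section 11 to the P2PKH lock/unlock scripts just shown: a small stack interpreter evaluates the Signature script followed by the Pubkey script, and OP_CHECKSIG verifies the signature with the public key found on the stack. The key material is an assumption made for illustration only: the signature scheme is textbook RSA with two hard-coded Mersenne primes and no padding, which shows the mechanics but is not a secure scheme (Bitcoin uses ECDSA over secp256k1, and real RSA signatures need PSS or PKCS#1 v1.5 padding), and HASH160 falls back to a truncated SHA-256 when the local OpenSSL build has no RIPEMD-160, which changes only how the address is derived.

```python
import hashlib

# Added example (not from the book or Bitcoin Core): toy RSA signatures plus a
# minimal stack interpreter for the P2PKH lock/unlock scripts.

# Toy key: two known Mersenne primes, no padding. NOT a secure signature scheme.
P = (1 << 127) - 1
Q = (1 << 521) - 1
N = P * Q
E = 65537
D = pow(E, -1, (P - 1) * (Q - 1))      # private exponent (Python 3.8+)
KEY_BYTES = (N.bit_length() + 7) // 8
PUBKEY = N.to_bytes(KEY_BYTES, "big")  # the public key is (N, E); E is a fixed constant here


def sha256d(data: bytes) -> bytes:
    return hashlib.sha256(hashlib.sha256(data).digest()).digest()


def sign(message: bytes, d: int = D) -> bytes:
    """Section 11: hash the message, then apply the private-key operation to the hash."""
    h = int.from_bytes(sha256d(message), "big")
    return pow(h, d, N).to_bytes(KEY_BYTES, "big")


def verify(message: bytes, sig: bytes, n: int = N, e: int = E) -> bool:
    """Recover the hash with the public key and compare it with a fresh hash of the message."""
    recovered = pow(int.from_bytes(sig, "big"), e, n)
    return recovered == int.from_bytes(sha256d(message), "big")


def hash160(data: bytes) -> bytes:
    """Bitcoin's HASH160 = RIPEMD160(SHA256(x)); truncated SHA-256 if RIPEMD-160 is unavailable."""
    sha = hashlib.sha256(data).digest()
    try:
        return hashlib.new("ripemd160", sha).digest()
    except ValueError:                          # OpenSSL without the legacy provider
        return hashlib.sha256(sha).digest()[:20]  # assumption: same 20-byte shape, illustration only


PUBKEY_HASH = hash160(PUBKEY)                   # what a P2PKH address encodes


def run_script(script, stack, message: bytes) -> bool:
    """Stack machine: bytes are pushed; OP_ names are executed. False means the script failed."""
    for item in script:
        if isinstance(item, bytes):
            stack.append(item)
        elif item == "OP_DUP":
            stack.append(stack[-1])
        elif item == "OP_HASH160":
            stack.append(hash160(stack.pop()))
        elif item == "OP_EQUAL":
            stack.append(b"\x01" if stack.pop() == stack.pop() else b"")
        elif item == "OP_EQUALVERIFY":
            if stack.pop() != stack.pop():
                return False                    # script terminates unsuccessfully
        elif item == "OP_CHECKSIG":
            pubkey, sig = stack.pop(), stack.pop()
            ok = verify(message, sig, int.from_bytes(pubkey, "big"))
            stack.append(b"\x01" if ok else b"")
        else:
            raise ValueError(f"unknown opcode {item}")
    return True


def spend(pubkey_script, signature_script, message: bytes) -> bool:
    """Bitcoin runs the unlocking script, then the locking script, on the same stack.
    The spend is valid when neither fails and the top of the stack is true."""
    stack = []
    if not run_script(signature_script, stack, message):
        return False
    if not run_script(pubkey_script, stack, message):
        return False
    return bool(stack) and stack[-1] != b""


def demo():
    # Constructed stand-in for the spending transaction (Bitcoin signs a hash of it).
    spending_tx = b"pay 0.5 BTC from this output to B"
    pubkey_script = ["OP_DUP", "OP_HASH160", PUBKEY_HASH, "OP_EQUALVERIFY", "OP_CHECKSIG"]
    genuine = spend(pubkey_script, [sign(spending_tx), PUBKEY], spending_tx)
    # Replaying the real signature under a different spending transaction fails at OP_CHECKSIG.
    replayed = spend(pubkey_script, [sign(spending_tx), PUBKEY], b"pay 0.5 BTC to attacker")
    # A different key (constructed bytes) fails earlier, at OP_EQUALVERIFY.
    wrong_key = spend(pubkey_script, [sign(spending_tx), b"\x04" + bytes(64)], spending_tx)
    return genuine, replayed, wrong_key


if __name__ == "__main__":
    print(demo())   # genuine True, replayed False, wrong key False
```

Note the two distinct failure points: a wrong key is rejected at OP_EQUALVERIFY before any signature is examined, while a replayed signature is rejected at OP_CHECKSIG because what is signed is the spending transaction itself, not the output being spent.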
Bitcoin's scripting mechanism is relatively simple: a stack-based engine that interprets a limited set of OP instructions. The number of recognized instructions is small and very complex logic cannot be implemented, but it provides a prototype for blockchain programming. Later programmable blockchain projects build on the same scripting principle. Ethereum, for example, deepens the scripting mechanism considerably: instead of a simple set of OP commands it offers a Turing-complete language executed by a "virtual machine", and has thereby implemented a blockchain platform that supports a Turing-complete scripting language.
The scripting mechanism is very important for the blockchain. It acts as the extension interface of blockchain technology: anyone can develop blockchain-based applications, such as smart contracts, on top of it. The scripting mechanism is also what makes the blockchain a possible underlying protocol; in the future many disruptive blockchain applications may be built with blockchain scripting languages.
4. Transaction rules
A blockchain transaction is the basic unit that makes up a block and the actual content that the blockchain records. A transaction can be a simple transfer or another operation such as the deployment of a smart contract.
In Bitcoin, a transaction is a one-time transfer of value. The transaction rules are as follows:
1) The inputs and outputs of a transaction cannot be empty.
2) For each input of the transaction, if the output it references is already being spent by a transaction in the current transaction pool, the transaction is rejected. The pool holds transactions not yet recorded on the blockchain, and each input should come from a confirmed UTXO; an output that another pooled transaction is already spending indicates a double-spend.
3) For each input of the transaction, the referenced output must be an unspent transaction output (UTXO).
4) The unlocking script of each input must pass verification against the locking script of the corresponding output.
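The four rules above as an added example, not the book's own code: a small validator checks a transaction against the confirmed UTXO set and the pool of unconfirmed transactions. The locking condition is simplified to a hash lock (an output is locked to sha256(secret) and the unlocking data is the secret), a stand-in for the P2PKH/P2SH scripts of section 3. A value-conservation check that the list above does not mention but every Bitcoin node performs is included and marked as such. All transactions below are constructed sample data.

```python
import hashlib
from dataclasses import dataclass

# Added example (not from the book): Bitcoin-style transaction validation
# against a UTXO set and a transaction pool, with a hash lock standing in
# for the real locking/unlocking scripts.


@dataclass(frozen=True)
class Outpoint:            # reference to a specific output: (transaction id, output index)
    txid: str
    index: int


@dataclass
class TxOut:
    value: int             # satoshis
    lock: bytes            # sha256(secret); stand-in for a locking script


@dataclass
class TxIn:
    outpoint: Outpoint
    unlock: bytes          # the secret; stand-in for an unlocking script


@dataclass
class Tx:
    inputs: list
    outputs: list

    def txid(self) -> str:
        blob = repr([(i.outpoint, i.unlock) for i in self.inputs]
                    + [(o.value, o.lock) for o in self.outputs])
        return hashlib.sha256(blob.encode()).hexdigest()


def lock_for(secret: bytes) -> bytes:
    return hashlib.sha256(secret).digest()


def validate(tx: Tx, utxo: dict, mempool: list) -> tuple:
    """Return (ok, reason) for tx against the confirmed UTXO set and the pool."""
    # Rule 1: neither inputs nor outputs may be empty.
    if not tx.inputs or not tx.outputs:
        return False, "empty inputs or outputs"
    pending_spends = {i.outpoint for pending in mempool for i in pending.inputs}
    total_in, seen = 0, set()
    for txin in tx.inputs:
        # Rule 2: an outpoint another pooled transaction already spends is a double-spend.
        if txin.outpoint in pending_spends:
            return False, f"double spend of {txin.outpoint} in mempool"
        # Rule 3: the referenced output must exist and be unspent (also within this tx).
        if txin.outpoint not in utxo or txin.outpoint in seen:
            return False, f"{txin.outpoint} is not an unspent output"
        seen.add(txin.outpoint)
        out = utxo[txin.outpoint]
        # Rule 4: the unlocking data must satisfy the output's locking condition.
        if lock_for(txin.unlock) != out.lock:
            return False, f"unlock failed for {txin.outpoint}"
        total_in += out.value
    # Not in the book's list, but enforced by every Bitcoin node: outputs cannot create value.
    if sum(o.value for o in tx.outputs) > total_in:
        return False, "outputs exceed inputs"
    return True, "ok"


def apply_tx(tx: Tx, utxo: dict) -> None:
    """Once mined: consume the inputs and add the new outputs to the UTXO set."""
    for txin in tx.inputs:
        del utxo[txin.outpoint]
    for idx, out in enumerate(tx.outputs):
        utxo[Outpoint(tx.txid(), idx)] = out


def scenario():
    """Constructed data: a coinbase output to A; A pays B with change; A then double-spends."""
    utxo = {Outpoint("coinbase0", 0): TxOut(50_000_000, lock_for(b"A-secret"))}
    pool = []
    pay_b = Tx([TxIn(Outpoint("coinbase0", 0), b"A-secret")],
               [TxOut(30_000_000, lock_for(b"B-secret")), TxOut(19_990_000, lock_for(b"A-change"))])
    first = validate(pay_b, utxo, pool)
    pool.append(pay_b)
    # The same outpoint again while pay_b is still unconfirmed: rule 2 catches it.
    pay_c = Tx([TxIn(Outpoint("coinbase0", 0), b"A-secret")], [TxOut(50_000_000, lock_for(b"C-secret"))])
    second = validate(pay_c, utxo, pool)
    # Wrong secret: rule 4. Inflated output: the value check.
    bad_unlock = validate(Tx([TxIn(Outpoint("coinbase0", 0), b"guess")], [TxOut(1, lock_for(b"X"))]), utxo, [])
    inflate = validate(Tx([TxIn(Outpoint("coinbase0", 0), b"A-secret")], [TxOut(60_000_000, lock_for(b"X"))]), utxo, [])
    # After pay_b is mined, the coinbase output is gone and pay_c fails rule 3 instead.
    apply_tx(pay_b, utxo)
    after_mining = validate(pay_c, utxo, [])
    return first, second, bad_unlock, inflate, after_mining, len(utxo)


if __name__ == "__main__":
    for name, result in zip(("pay_b", "double-spend", "bad unlock", "inflate", "after mining", "utxo size"),
                            scenario()):
        print(f"{name}: {result}")
```

The same double-spend is refused by two different rules depending on timing: rule 2 while the conflicting transaction is still in the pool, rule 3 once it has been mined and its input has left the UTXO set.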
For Ethereum, a transaction may also deploy a smart contract. The transaction rules determine that only contracts meeting certain syntactic rules can be deployed on the blockchain.
5. Transaction priority
Transaction priority is determined by the rules of the blockchain protocol. In Bitcoin, the order in which transactions are included in a block depends on how long ago a transaction's inputs were confirmed and on the value of those inputs (the legacy priority measure is the sum of input value times input age, divided by the transaction size). The longer a transaction waits after being broadcast, the older its inputs become and the higher its priority, until it is eventually included in a block; in practice miners also order transactions by the fee they carry. In Ethereum, priority is likewise tied to the transaction fee the sender is willing to pay: the higher the fee, the higher the priority for inclusion in a block.
6. Merkle proof
The first blockchain application of Merkle proofs was the Bitcoin system, described and created by Satoshi Nakamoto in 2009 (the Merkle tree itself is older). The Bitcoin blockchain uses a Merkle tree to commit to the transactions in each block, which makes tampering with a transaction detectable and makes it easy to verify that a transaction is included in a specific block. For details on Merkle trees, see section 4.2.
An important use of the Merkle tree is fast payment verification, the Simplified Payment Verification (SPV) described by Nakamoto: a light client need not download every transaction and every block. It can download only the block headers of the chain. Each header is 80 bytes and contains only the following five items (plus a 4-byte version field, which is what brings the total to 80 bytes):
- The hash of the previous block header
- Timestamp
- Mining difficulty value
- Proof-of-work random number (nonce)
- The root hash of the Merkle tree containing the block's transactions
If a light client wants to determine the status of a transaction, it simply asks for a Merkle proof showing that the transaction is in a Merkle tree whose root appears in a block header on the main chain (not on a fork).
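The SPV check described above, as an added example that is not the book's code: a Bitcoin-style Merkle tree (double SHA-256 over concatenated child hashes; an odd number of nodes on a level is handled by repeating the last hash), with proof generation on the full-node side and proof verification on the light-client side, which holds only the block header's Merkle root. The transaction ids are constructed sample data.

```python
import hashlib

# Added example (not from the book): Bitcoin-style Merkle tree, proof and SPV verification.


def sha256d(data: bytes) -> bytes:
    return hashlib.sha256(hashlib.sha256(data).digest()).digest()


def merkle_levels(txids):
    """Every level of the tree, bottom-up; level 0 is the list of transaction hashes."""
    if not txids:
        raise ValueError("a block contains at least the coinbase transaction")
    levels = [list(txids)]
    while len(levels[-1]) > 1:
        cur = levels[-1]
        if len(cur) % 2:
            cur = cur + [cur[-1]]             # Bitcoin's padding rule for odd levels
        levels.append([sha256d(cur[i] + cur[i + 1]) for i in range(0, len(cur), 2)])
    return levels


def merkle_root(txids) -> bytes:
    return merkle_levels(txids)[-1][0]


def merkle_proof(txids, index: int) -> list:
    """Full-node side: the sibling hash, and which side it sits on, at each level from
    the leaf up to the root. This 'Merkle branch' is what an SPV client asks for."""
    proof = []
    for level in merkle_levels(txids)[:-1]:
        if len(level) % 2:
            level = level + [level[-1]]
        sibling = index ^ 1
        proof.append(("left" if sibling < index else "right", level[sibling]))
        index //= 2
    return proof


def verify_proof(txid: bytes, proof, root: bytes) -> bool:
    """Light-client side: fold the branch back up and compare with the header's root.
    Costs one hash per level, i.e. log2(number of transactions), not the whole block."""
    h = txid
    for side, sibling in proof:
        h = sha256d(sibling + h) if side == "left" else sha256d(h + sibling)
    return h == root


def demo():
    # Constructed block with five transactions; the odd count exercises the padding rule.
    txids = [sha256d(f"tx{i}".encode()) for i in range(5)]
    root = merkle_root(txids)                 # this value sits in the 80-byte header
    proof = merkle_proof(txids, 3)            # full node answers "is tx3 in this block?"
    genuine = verify_proof(txids[3], proof, root)
    # A transaction that is not in the block cannot be folded up to the same root.
    forged = verify_proof(sha256d(b"tx-not-in-block"), proof, root)
    return len(proof), genuine, forged


if __name__ == "__main__":
    print(demo())   # (3, True, False)
```

The padding rule has a known side effect: a block whose last transaction is listed twice yields the same root as the block without the duplicate, which is why Bitcoin Core rejects blocks with duplicated transactions (the fix for CVE-2012-2459). A light client also still depends on the header being on the main chain, which the proof alone does not establish.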
Merkle proofs can be used much more widely in blockchains, but Bitcoin's light clients have a limitation: although they can prove that a transaction is included, they cannot prove anything about current state (for example, holdings of digital assets, name registrations, the status of a financial contract, and so on). The exact effect of a transaction may depend on several earlier transactions, which in turn depend on still earlier ones, so ultimately every transaction on the entire chain would have to be validated. To solve this problem, Ethereum made a further innovation.
Each block in Ethereum contains not one Merkle tree but three (see Figure 2-12), corresponding to the following three objects:
- Transactions
- Receipts (essentially, data records showing the effect of each transaction)
- State
These three trees allow a light client to easily make, and verify the answers to, the following kinds of query:
1) Is this transaction included in a specific block?
2) Tell me all instances of an event of type X (for example, a crowdfunding contract reaching its goal) emitted by this address in the past 30 days.
3) What is the current balance of my account?
4) Does this account exist?
5) Pretend to run this transaction against this contract; what would its output be?
The first is handled by the transaction tree; the third and fourth by the state tree; the second by the receipt tree. Computing the first four queries is fairly straightforward: the server simply finds the object, obtains the Merkle branch, and replies to the light client with that branch. The fifth query is also handled by the state tree, but is more involved to compute.
7. RLP
RLP (Recursive Length Prefix) is the main encoding used for object serialization in Ethereum. Its purpose is to encode arbitrarily nested sequences of binary data.
All data in Ethereum is stored in Recursive Length Prefix (RLP) encoding, which serializes arbitrarily nested arrays of byte strings into a single byte string. The basic idea is to place the data type and length, encoded in a prefix of one or more bytes, in front of the actual data. For example, the byte array of 'dog' is [100, 111, 103]; under the RLP rules of the Ethereum yellow paper a string of 1 to 55 bytes gets the single prefix byte 0x80 + length, so 'dog' encodes to [131, 100, 111, 103], and the list ['dog', 'cat'] encodes to [200, 131, 100, 111, 103, 131, 99, 97, 116], where 200 = 0xc0 + 8 is the list prefix for an 8-byte payload. (The bytes quoted in the original Ethereum whitepaper, [130, 67, 100, 111, 103, 67, 99, 97, 116], do not match the finalized specification.) Note that RLP encoding is, as its name suggests, recursive: when RLP encodes an array, it encodes the concatenation of the RLP encodings of its elements. Integers are encoded as big-endian byte strings with no leading zero bytes, so 32767 becomes [127, 255] and zero becomes the empty string; fixed-width fields such as hashes and addresses are kept at their full length.
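An RLP encoder and a strict decoder following the rules of the Ethereum yellow paper, as an added example that is not code from the book or from any Ethereum client. It reproduces the 'dog'/'cat' bytes given above, and the decoder rejects length prefixes that overrun the buffer or use a non-canonical form, which matters because RLP is parsed from untrusted network input. Python ints, str, bytes and nested lists are accepted as input.

```python
# Added example (not from the book or any Ethereum client): RLP encode/decode.


def _length_prefix(length: int, offset: int) -> bytes:
    """Prefix for a payload of `length` bytes: offset is 0x80 for strings, 0xc0 for lists."""
    if length < 56:
        return bytes([offset + length])
    len_bytes = length.to_bytes((length.bit_length() + 7) // 8, "big")
    return bytes([offset + 55 + len(len_bytes)]) + len_bytes     # 0xb8.. or 0xf8..


def rlp_encode(item) -> bytes:
    if isinstance(item, int):
        if item < 0:
            raise ValueError("RLP integers are non-negative")
        # Big-endian with leading zero bytes stripped; zero is the empty string.
        item = item.to_bytes((item.bit_length() + 7) // 8, "big")
    if isinstance(item, str):
        item = item.encode()
    if isinstance(item, (bytes, bytearray)):
        if len(item) == 1 and item[0] < 0x80:
            return bytes(item)                  # a single byte below 0x80 encodes as itself
        return _length_prefix(len(item), 0x80) + bytes(item)
    if isinstance(item, (list, tuple)):
        payload = b"".join(rlp_encode(x) for x in item)   # recursion over the elements
        return _length_prefix(len(payload), 0xc0) + payload
    raise TypeError(f"cannot RLP-encode {type(item).__name__}")


def rlp_decode(data: bytes):
    """Decode exactly one item: bytes, or a (nested) list of bytes. RLP has no integer
    type, so the caller converts byte strings back to integers where the schema says so."""
    item, rest = _decode_item(bytes(data))
    if rest:
        raise ValueError("trailing bytes after RLP item")
    return item


def _need(data: bytes, start: int, n: int) -> None:
    """Length prefixes come from untrusted input: never read past the buffer."""
    if len(data) < start + n:
        raise ValueError("declared length exceeds input")


def _read_length(data: bytes, l: int) -> int:
    """Big-endian payload length of a long string/list; reject non-canonical encodings."""
    _need(data, 1, l)
    if data[1] == 0:
        raise ValueError("length has a leading zero byte")
    n = int.from_bytes(data[1:1 + l], "big")
    if n < 56:
        raise ValueError("long form used for a short payload")
    return n


def _decode_item(data: bytes):
    if not data:
        raise ValueError("empty input")
    b = data[0]
    if b < 0x80:                                        # single byte
        return data[:1], data[1:]
    if b < 0xb8:                                        # string of 0..55 bytes
        n = b - 0x80
        _need(data, 1, n)
        if n == 1 and data[1] < 0x80:
            raise ValueError("single byte below 0x80 must not be prefixed")
        return data[1:1 + n], data[1 + n:]
    if b < 0xc0:                                        # string longer than 55 bytes
        l = b - 0xb7
        n = _read_length(data, l)
        _need(data, 1 + l, n)
        return data[1 + l:1 + l + n], data[1 + l + n:]
    if b < 0xf8:                                        # list with payload of 0..55 bytes
        n = b - 0xc0
        _need(data, 1, n)
        return _decode_list(data[1:1 + n]), data[1 + n:]
    l = b - 0xf7                                        # list with a longer payload
    n = _read_length(data, l)
    _need(data, 1 + l, n)
    return _decode_list(data[1 + l:1 + l + n]), data[1 + l + n:]


def _decode_list(payload: bytes) -> list:
    items = []
    while payload:
        item, payload = _decode_item(payload)
        items.append(item)
    return items


def dog_cat_bytes() -> list:
    """The example from the text, as a list of byte values."""
    return list(rlp_encode(["dog", "cat"]))


if __name__ == "__main__":
    print(dog_cat_bytes())                     # [200, 131, 100, 111, 103, 131, 99, 97, 116]
    print(rlp_decode(rlp_encode(["dog", ["cat", b""], 32767])))
```

The canonicality checks are not cosmetic: if two byte strings decode to the same structure, the hash of a transaction or block would no longer identify one unique serialization, so Ethereum nodes insist that every value has exactly one valid RLP encoding.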
2.1.4 Blockchain transaction process
Take Bitcoin transactions as the example. A blockchain transaction is not a hand-to-hand exchange in the everyday sense but a transfer. It would be clumsy to construct a separate transaction for every individual transfer, so to make value easy to combine and split, a Bitcoin transaction is designed to carry multiple inputs and multiple outputs; one transaction can pay several people. The life cycle of a blockchain transaction runs from its creation, through its propagation across the network, proof of work and verification by the nodes of the whole network, to its final recording on the blockchain.
Transaction creation. Owner A signs the hash of the previous transaction together with the public key of the next owner B using A's private key, and appends this signature to the end of the coin, forming a transaction order.
Transaction propagation. A broadcasts the transaction order to the whole network, and each node collects the transactions it receives into a candidate block.
Proof of work. Each node competes for the right to create the new block through the proof-of-work mechanism, which is equivalent to solving a mathematical puzzle, in pursuit of the digital-currency reward.
Verification by the whole network. When a node finds a solution, it broadcasts the block with all of its timestamped transactions to the entire network, and the other nodes check it.
Recording on the blockchain. The other nodes of the network check that the block's accounting is correct; once no error is found, they move on to compete for the next block, building on this valid block, and so a chain of valid accounting records forms.